Collaborate Disseminate
I am testing a deep packet inspection based application to block certain undesirable websites in a corporate network, eg gambling – williamhill.es . We do this by matching ServerName (HTTPS) or Host (HTTP) in TLS ClientHello against a list… Continue reading HTTP-fallback and site settings in Chrome?
There are times when tiny displays no longer cut it. Whether you want to build a tablet or reuse some laptop displays, you will eventually deal with LVDS and eDP …read more Continue reading Displays We Love Hacking: LVDS and eDP
Ordering a PCB with mistakes sucks. We should help each other avoid such mistakes – especially newcomers. One of the best ways to avoid these mistakes, especially if it’s your …read more Continue reading Design Review: DPI-LVDS Sony Vaio LCD Devboard
I am investigating censorship in India, and know with a high degree of confidence that it is being blocked based on the SNI extension in the TLS ClientHello.
I am in control of both the Client (in India) and the Server (in Germany). I sus… Continue reading Possible to determine who on the Internet is resetting (RST) my TCP connection? [closed]
I wrapped my Socks5 traffic in TLS using Stunnel and the Stunnel server is listening on the port 443:tcp.
I can connect successfully to Stunnel server and exchange Socks5 traffic.
From the perspective of DPI (Deep packet inspection), is th… Continue reading Does the traffic tunnelled using Stunnel on port 443:TCP appear the same as normal HTTPS to DPI?
If the key exchange happens when using lets say Wireguard or any other protocols that use IKA, and the connection never drops, could the ISP still detect the VPN traffic using Deep Packet Inspection?
guys, I live in Russia and that pretty much says it all.
I was using a standard self-hosted VPN on a DO droplet, but now I’m afraid that since VPN usage in Russia started to spread like a wildfire after the recent Instagram ban the Russian… Continue reading Best way to avoid DPI/tunnel detection?
When someone tries to exploit a vulnerability either by sending traffic to the device directly or by making users click on malicious attachments, drive by exploits or other ways, is it possible you miss the initial attack vector even when … Continue reading Can you hide the initial exploit despite complete visibility into the network traffic?
I live in a country with censorship and was wondering if it’s possible to bypass DPI by just enabling ESNI, DNS over HTTPS and Always HTTPS? If not, what else should I enable to bypass DPI firewall without having to go the VPN route?
I’ve just read about the detecting and blocking of Tor traffic by DPI but now I’m curious about analyzing the data you send over Tor and matching it with your true identity by deep-inspecting the data packets that leave your PC/router. (If… Continue reading Analyzing Tor traffic through Deep Packet Inspection?